/**
 * Project Name:lmExpress-platform
 * File Name:ShiroOrFilter.java
 * Package Name:cn.bluemobi.platform.core.shiro
 * Date:2016年12月12日下午1:41:19
 * Copyright (c) 2016, bluemobi.cn All Rights Reserved.
 *
*/

package cn.bluemobi.platform.core.shiro;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;

/**
 * Description: 多个权限中，有一个既可以访问 <br/>
 * Date: 2016年12月12日 下午1:41:19 <br/>
 * 
 * @author hut
 * @version
 * @see
 */
public class ShiroAnyFilter extends AuthorizationFilter {

    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
            throws Exception {
        Subject subject = getSubject(request, response);
        String[] permsArray = (String[]) mappedValue;

        if (permsArray == null || permsArray.length == 0) {
            return true;
        }
        for (String perm : permsArray) {
            if (subject.isPermitted(perm)) {
                return true;
            }
        }
        return false;
    }

}
